<?php

namespace App\Base\Middleware;

use App\Admin\Models\AuthRuleModel;
use App\Base\Exceptions\ApiException;
use Illuminate\Support\Facades\Route;
use Closure;

class PermissionMiddleware
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request $request
     * @param  \Closure $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {

        $uid=iscookie_remember(); //记住密码登陆
        if($uid){
            define("UID", $uid);  //记住密码登陆
        }else{
            define("UID", is_login());  //判断是否登陆,定义用户常量
        }
        if (!UID) {
            return redirect("admin/public/login"); //跳转登陆页面
        }
        define("IS_ROOT", is_administrator(UID)); //定义超级管理员

        //定义一个前缀，操作前缀
        $route = Route::current();
        $path = $request->path();
        $rmodel = $route->action["prefix"];
        //前加
        if (!empty($rmodel)) {
            $rmodel = substr($rmodel, 1);
        } else {
            $rmodel = "";
        }
        define("MODULE_NAME", $rmodel); //定义一个前缀
        if (!IS_ROOT) {
            $access = $this->accessControl();

            if (false === $access) {
                throw  new  ApiException(ApiException::ERROR_ACCESS_NOT_ENABLE);
            } elseif (null === $access) {
                //检测访问权限
                $rule = $path;

                if (!$this->checkRule($rule, array(1, 2))) {
                    throw  new  ApiException(ApiException::ERROR_UNAUTHORIZE_ACCESS);
                } else {
                    // 检测分类及内容有关的各项动态权限
                    $dynamic = $this->checkDynamic();
                    if (false === $dynamic) {
                        throw  new  ApiException(ApiException::ERROR_UNAUTHORIZE_ACCESS);
                    }
                }
            }
        }
        return $next($request);
    }

    final protected function accessControl()
    {
        $route = Route::current();
        //$route_name = Route::currentRouteName();
        $rmodel = $route->action["prefix"];
        $allow = config('lzy.ALLOW_VISIT');
        $deny = config('lzy.DENY_VISIT');
   // echo $route_name;
      // echo  $route->uri();//->getActionMethod();
    //exit;
        $check = strtolower($route->uri());//strtolower($rmodel . '/' . $route_name);
        if (!empty($deny) && in_array_case($check, $deny)) {
            return false; //非超管禁止访问deny中的方法
        }

        if (!empty($allow) && in_array_case($check, $allow)) {

            return true;
        }
        return null; //需要检测节点权限
    }

    /**
     * 权限检测
     * @param string $rule 检测的规则
     * @param string $mode check模式
     * @return boolean
     * @author 林子彦  <278805354@qq.com>
     */
    final protected function checkRule($rule, $type = AuthRuleModel::RULE_URL, $mode = 'url')
    {
        static $Auth = null;
        if (!$Auth) {
            $Auth = new \App\Base\Helpers\Lib\Auth();
        }
        if (!$Auth->check($rule, UID, $type, $mode)) {
            return false;
        }
        return true;
    }

    /**
     * 检测是否是需要动态判断的权限
     * @return boolean|null
     *      返回true则表示当前访问有权限
     *      返回false则表示当前访问无权限
     *      返回null，则表示权限不明
     *
     * @author 林子彦  <278805354@qq.com>
     */
    protected function checkDynamic()
    {

    }


}
